AesGcm.IsSupported and AesCcm.IsSupported should not unconditionally return true for MacOS #52598

Closed
vcsjones opened this issue May 11, 2021 · 2 comments · Fixed by #52648

vcsjones commented May 11, 2021

In #52030, AesGcm.IsSupported and AesCcm.IsSupported were introduced.

For macOS, these properties unconditionally return true even if there is no usable version of OpenSSL found on the system.

This leads to a somewhat bad experience. IsSupported will return true, but attempting to use AesGcm or AesCcm will result in a SIGABRT of the whole process, with the message "No usable version of libssl was found".

Ideally these properties would correctly handle OpenSSL not being available.

With ChaCha20Poly1305 the situation is slightly worse: the IsSupported property itself triggers the faulting behavior when it calls into the shim to ask if the current version of OpenSSL supports the algorithm.

@dotnet-issue-labeler dotnet-issue-labeler bot added area-System.Security untriaged New issue has not been triaged by the area owner labels May 11, 2021

ghost commented May 11, 2021

Tagging subscribers to this area: @bartonjs, @vcsjones, @krwq, @GrabYourPitchforks
See info in area-owners.md if you want to be subscribed.


@vcsjones vcsjones self-assigned this May 11, 2021
@GrabYourPitchforks GrabYourPitchforks added this to the 6.0.0 milestone May 11, 2021
@bartonjs bartonjs added bug and removed untriaged New issue has not been triaged by the area owner labels May 11, 2021

vcsjones commented May 12, 2021

Note: ChaChaPoly1305 suffers from the same issue which will be addressed with the AES cases. ChaChaPoly1305 does things a little differently, but it still tries to ask OpenSSL to do something when OpenSSL is not available and crashes the process.

EDIT: Oh @bartonjs updated the original issue with a similar warning. 😄 Will fix ChaCha as part of this.

@ghost ghost added the in-pr There is an active PR which will close this issue when it is merged label May 12, 2021
@ghost ghost removed the in-pr There is an active PR which will close this issue when it is merged label May 13, 2021
@ghost ghost locked as resolved and limited conversation to collaborators Jun 12, 2021
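
The caller-side pattern that `AesGcm.IsSupported` exists to enable, as an added example that is not code from this thread or from dotnet/runtime: probe the capability, fail closed with a catchable exception instead of downgrading to unauthenticated encryption, and only then touch the algorithm. The `AeadBox` class, its `Seal`/`Open` methods and the nonce || tag || ciphertext layout are assumptions made for the illustration; it targets .NET 6.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class AeadBox // hypothetical helper, not a runtime type
{
    const int NonceLen = 12, TagLen = 16; // standard AES-GCM nonce and tag sizes

    static void RequireAesGcm()
    {
        // With the defect described in this issue, this is true on macOS even when
        // no usable OpenSSL is present; the AesGcm constructor then aborts the
        // process (SIGABRT), which no try/catch can intercept.
        if (!AesGcm.IsSupported)
            throw new PlatformNotSupportedException(
                "AES-GCM unavailable; refusing to fall back to unauthenticated encryption.");
    }

    // Returns nonce || tag || ciphertext (layout chosen for this example).
    public static byte[] Seal(byte[] key, byte[] plaintext, byte[] aad)
    {
        RequireAesGcm();
        byte[] box = new byte[NonceLen + TagLen + plaintext.Length];
        Span<byte> nonce = box.AsSpan(0, NonceLen);
        RandomNumberGenerator.Fill(nonce); // fresh random nonce per message
        using var aes = new AesGcm(key);
        aes.Encrypt(nonce, plaintext, box.AsSpan(NonceLen + TagLen), box.AsSpan(NonceLen, TagLen), aad);
        return box;
    }

    // Throws CryptographicException if the tag, ciphertext or AAD was altered.
    public static byte[] Open(byte[] key, byte[] box, byte[] aad)
    {
        RequireAesGcm();
        if (box.Length < NonceLen + TagLen)
            throw new CryptographicException("Input shorter than nonce plus tag.");
        byte[] plaintext = new byte[box.Length - NonceLen - TagLen];
        using var aes = new AesGcm(key);
        aes.Decrypt(box.AsSpan(0, NonceLen), box.AsSpan(NonceLen + TagLen), box.AsSpan(NonceLen, TagLen), plaintext, aad);
        return plaintext;
    }

    static void Main()
    {
        byte[] key = RandomNumberGenerator.GetBytes(32); // constructed sample key
        byte[] aad = Encoding.UTF8.GetBytes("header-v1"); // constructed sample AAD
        byte[] box = Seal(key, Encoding.UTF8.GetBytes("sample message"), aad);
        Console.WriteLine(Encoding.UTF8.GetString(Open(key, box, aad)));
    }
}
```

The guard only protects the process when `IsSupported` is truthful, which is the point of this issue: on an affected build the abort happens inside the runtime before any managed exception can be raised.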